What is DMARC?

According to DMARC.org:

“DMARC, which stands for ‘Domain-based Message Authentication, Reporting & Conformance’, is an email authentication policy and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (‘From:’) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.”

In simplified terms, DMARC gives security professionals more transparency and better control over the emails sent and received by their domain in order to identify and block or quarantine potentially fraudulent emails more quickly. It’s a standard that helps to protect both consumers and brands from phishing and spoofing attacks.

You can find more detailed information about DMARC, including enforcement instructions, on our blog.

What Does DMARC-Enforced Mean?

DMARC enforcement, sometimes referred to as DMARC compliance or DMARC deployment, is a means of enabling Domain-based Message Authentication, Reporting & Conformance, or DMARC, within an organization.

A DMARC policy is published as a TXT record in DNS that gives email receivers a way to check the authenticity of received mail. It is designed to fit into an organization’s existing inbound authentication process and helps email receivers determine whether a message “aligns” with what the receiver knows about the sender. Organizations have three policy options for handling “non-aligned” messages: “p=none” (no enforcement), “p=quarantine”, and “p=reject”. For DMARC to work properly, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) protocols must be set up beforehand.
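To make the record and the alignment check concrete, here is an added example (not code from DMARC.org or from this FAQ's authors) that parses a constructed DMARC TXT record and decides the disposition of a message from the SPF/DKIM results a receiver already has. It assumes a hypothetical domain example.com and approximates the organizational domain with the last two labels instead of the Public Suffix List.

```python
from typing import Dict, Optional, Tuple

# Constructed sample record, as a receiver would fetch it from the TXT record at
# _dmarc.example.com (example.com is a hypothetical sender; values are made up).
SAMPLE_RECORD = ("v=DMARC1; p=quarantine; sp=reject; adkim=s; aspf=r; "
                 "rua=mailto:dmarc-reports@example.com")

def parse_dmarc(txt: str) -> Dict[str, str]:
    """Split a DMARC TXT record into its tag=value pairs and sanity-check it."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record: needs v=DMARC1 and a p= tag")
    return tags

def org_domain(domain: str) -> str:
    """Approximate the organizational domain as the last two labels.
    Real receivers consult the Public Suffix List; this shortcut is an assumption
    made for the example and is wrong for names like example.co.uk."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def is_aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Strict ('s') alignment needs an exact match; relaxed ('r') the same org domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def evaluate(record: str, policy_domain: str, from_domain: str,
             spf_domain: Optional[str] = None,
             dkim_domain: Optional[str] = None) -> Tuple[bool, str]:
    """Return (dmarc_pass, disposition).
    spf_domain / dkim_domain are the domains for which SPF / DKIM already passed
    (None if that check failed). DMARC passes when at least one of them aligns
    with the From: header domain; otherwise the record's p= policy (or sp= when
    the From: domain is a subdomain of the policy domain) tells the receiver
    what to do with the message."""
    tags = parse_dmarc(record)
    spf_ok = spf_domain is not None and is_aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_domain is not None and is_aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return True, "none"
    is_subdomain = from_domain.lower() != policy_domain.lower()
    disposition = tags.get("sp", tags["p"]) if is_subdomain else tags["p"]
    return False, disposition
```

Note that with adkim=s a DKIM signature from bounce.example.com does not align with a From: of example.com, while the relaxed aspf=r lets SPF for the same subdomain pass; that asymmetry is exactly what the record's alignment tags control.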

For a more detailed explanation, as well as a guide to setting up DMARC enforcement, see our DMARC Enforcement Guide.

Why is DMARC Important?

Three quarters of organizations were targeted by phishing and spoofing attacks in 2020, and 96% of those attacks were delivered by email. 36% of all breaches were caused by phishing attacks alone (source).

DMARC enforcement is important because it gives organizations greater visibility into and control over the messages sent and received by their domain. This, in turn, allows organizations to identify and quarantine or reject potentially fraudulent email faster.

Growth in DMARC adoption is extremely important. Much as quarantine works against a physical pathogen, the more organizations that enforce DMARC, the fewer easy targets remain, and the safer email becomes for all users.

How can DMARC Compliance Prevent Phishing and Spoofing?

According to DMARC.org, “DMARC is designed to fit into an organization’s existing inbound email authentication process. The way it works is to help email receivers determine if the purported message ‘aligns’ with what the receiver knows about the sender. If not, DMARC includes guidance on how to handle the ‘non-aligned’ messages.”

Essentially, DMARC goes a step further than the widely adopted SPF and DKIM policies to create simple, scalable and effective methods of confirming an email’s authenticity, reporting questionable and fraudulent messages, and preventing delivery of phishing attacks. By reliably cutting off malicious messages before they are delivered, DMARC denies attackers their primary vector and dramatically reduces an organization’s vulnerable surface.